//Except for its size, the OS is the least of what needs to be protected: that can always be reloaded.
Personal media, personal info, archives, etc.: most everything on a PC is read-only.//

If the proposed system was intended to protect personal files, it would be effectively essential to be able to write new files to the hard-disk section (as opposed to editing existing files), as otherwise the switch will soon be set to off and left there by virtually all users. This requirement would naturally make secure implementation more difficult.

Furthermore, it _is_ important to protect the OS - deleting/corrupting/holding-to-ransom irreplaceable files is not the only security risk. Denial of service and theft of private information (e.g. banking data or personal material) are two threats which spring to mind.
If one ignores the OS, then it would be fairly simple for malware to hang around in stealth mode until it detected that the switch was flicked off...

Data Execution Prevention (DEP) is a CPU instruction which, when enabled, prevents the OS from running code in areas that are supposed to contain data rather than instructions.

Let's consider how Data Write Prevention would work with a mechanical switch. Each time the computer is powered up, the kernel must be loaded into memory. Would a CPU instruction enable RAM locking only after the OS has loaded? Wouldn't the machine remain vulnerable during boot? Sections of ROM and RAM would need to be marked somehow. This could be baked with a new filesystem and techniques similar to those used in DEP.

The kernel is only a small attack vector, so I wonder about the cost/benefit to such a facility.